foreseeti

White paper structural vulnerabilities

Structural vulnerabilities - What are they and why do they matter?

Vulnerability scanners often report large numbers of vulnerabilities in corporate IT systems. For the IT security manager, prioritising remediation activities is a problem. Prioritising by vulnerability scoring systems, such as the Common Vulnerability Scoring.

In this article, we show that determining whether vulnerabilities are structural requires a detailed knowledge of the system configuration. For all but the simplest systems, human analysis alone is a poor solution. However, new techniques and tools make detailed attack path analysis viable for corporate IT.

https://foreseti.com/wp-content/uploads/2018/04/foreseeti_white-paper_structural-vulnerabilities.pdf 

Stijn Van Orischot

About The Author

Leave A Comment?